@logto/js 1.0.0 → 1.1.2

package/lib/module.d.mts

@@ -1,221 +0,0 @@
-import { KeysToCamelCase, NormalizeKeyPaths, Nullable } from "@silverhand/essentials";
-import { JWTVerifyGetKey } from "jose";
-export const ContentType: {
-    formUrlEncoded: {
-        'Content-Type': string;
-    };
-};
-export enum TokenGrantType {
-    AuthorizationCode = "authorization_code",
-    RefreshToken = "refresh_token"
-}
-export enum QueryKey {
-    ClientId = "client_id",
-    Code = "code",
-    CodeChallenge = "code_challenge",
-    CodeChallengeMethod = "code_challenge_method",
-    CodeVerifier = "code_verifier",
-    Error = "error",
-    ErrorDescription = "error_description",
-    GrantType = "grant_type",
-    IdToken = "id_token",
-    IdTokenHint = "id_token_hint",
-    PostLogoutRedirectUri = "post_logout_redirect_uri",
-    Prompt = "prompt",
-    RedirectUri = "redirect_uri",
-    RefreshToken = "refresh_token",
-    Resource = "resource",
-    ResponseType = "response_type",
-    Scope = "scope",
-    State = "state",
-    Token = "token"
-}
-export enum Prompt {
-    Consent = "consent",
-    Login = "login"
-}
-export enum ReservedScope {
-    OpenId = "openid",
-    OfflineAccess = "offline_access"
-}
-/**
- * Scopes for ID Token and Userinfo Endpoint.
- */
-export enum UserScope {
-    /**
-     * Scope for basic user info.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Profile = "profile",
-    /**
-     * Scope for user email address.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Email = "email",
-    /**
-     * Scope for user phone number.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Phone = "phone",
-    /**
-     * Scope for user's custom data.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    CustomData = "custom_data",
-    /**
-     * Scope for user's social identity details.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Identities = "identities"
-}
-export type LogtoRequestErrorBody = {
-    code: string;
-    message: string;
-};
-export type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;
-export type FetchTokenByAuthorizationCodeParameters = {
-    clientId: string;
-    tokenEndpoint: string;
-    redirectUri: string;
-    codeVerifier: string;
-    code: string;
-    resource?: string;
-};
-export type FetchTokenByRefreshTokenParameters = {
-    clientId: string;
-    tokenEndpoint: string;
-    refreshToken: string;
-    resource?: string;
-    scopes?: string[];
-};
-type SnakeCaseCodeTokenResponse = {
-    access_token: string;
-    refresh_token?: string;
-    id_token: string;
-    scope: string;
-    expires_in: number;
-};
-export type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;
-type SnakeCaseRefreshTokenTokenResponse = {
-    access_token: string;
-    refresh_token: string;
-    id_token?: string;
-    scope: string;
-    expires_in: number;
-};
-export type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;
-export const fetchTokenByAuthorizationCode: ({ clientId, tokenEndpoint, redirectUri, codeVerifier, code, resource, }: FetchTokenByAuthorizationCodeParameters, requester: Requester) => Promise<CodeTokenResponse>;
-export const fetchTokenByRefreshToken: ({ clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters, requester: Requester) => Promise<RefreshTokenTokenResponse>;
-type OidcConfigSnakeCaseResponse = {
-    authorization_endpoint: string;
-    token_endpoint: string;
-    userinfo_endpoint: string;
-    end_session_endpoint: string;
-    revocation_endpoint: string;
-    jwks_uri: string;
-    issuer: string;
-};
-export const discoveryPath = "/oidc/.well-known/openid-configuration";
-export type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;
-export const fetchOidcConfig: (endpoint: string, requester: Requester) => Promise<OidcConfigResponse>;
-export const revoke: (revocationEndpoint: string, clientId: string, token: string, requester: Requester) => Promise<void>;
-export const isArbitraryObject: (data: unknown) => data is Record<string, unknown>;
-declare const logtoErrorCodes: Readonly<{
-    id_token: {
-        invalid_iat: string;
-        invalid_token: string;
-    };
-    callback_uri_verification: {
-        redirect_uri_mismatched: string;
-        error_found: string;
-        missing_state: string;
-        state_mismatched: string;
-        missing_code: string;
-    };
-    crypto_subtle_unavailable: "Crypto.subtle is unavailable in insecure contexts (non-HTTPS).";
-    unexpected_response_error: "Unexpected response error from the server.";
-}>;
-export type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;
-export class LogtoError extends Error {
-    code: LogtoErrorCode;
-    data: unknown;
-    constructor(code: LogtoErrorCode, data?: unknown);
-}
-export const isLogtoRequestError: (data: unknown) => data is {
-    code: string;
-    message: string;
-};
-export class LogtoRequestError extends Error {
-    code: string;
-    constructor(code: string, message: string);
-}
-export class OidcError {
-    error: string;
-    errorDescription?: string | undefined;
-    constructor(error: string, errorDescription?: string | undefined);
-}
-export const parseUriParameters: (uri: string) => URLSearchParams;
-export const verifyAndParseCodeFromCallbackUri: (callbackUri: string, redirectUri: string, state: string) => string;
-export type IdTokenClaims = {
-    iss: string;
-    sub: string;
-    aud: string;
-    exp: number;
-    iat: number;
-    at_hash?: Nullable<string>;
-    name?: Nullable<string>;
-    username?: Nullable<string>;
-    picture?: Nullable<string>;
-    email?: Nullable<string>;
-    email_verified?: boolean;
-    phone_number?: Nullable<string>;
-    phone_number_verified?: boolean;
-};
-export const verifyIdToken: (idToken: string, clientId: string, issuer: string, jwks: JWTVerifyGetKey) => Promise<void>;
-export const decodeIdToken: (token: string) => IdTokenClaims;
-/**
- * @param originalScopes
- * @return scopes should contain all default scopes (`openid`, `offline_access` and `profile`)
- */
-export const withDefaultScopes: (originalScopes?: string[]) => string;
-export type SignInUriParameters = {
-    authorizationEndpoint: string;
-    clientId: string;
-    redirectUri: string;
-    codeChallenge: string;
-    state: string;
-    scopes?: string[];
-    resources?: string[];
-    prompt?: Prompt;
-};
-export const generateSignInUri: ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, }: SignInUriParameters) => string;
-type SignOutUriParameters = {
-    endSessionEndpoint: string;
-    clientId: string;
-    postLogoutRedirectUri?: string;
-};
-export const generateSignOutUri: ({ endSessionEndpoint, clientId, postLogoutRedirectUri, }: SignOutUriParameters) => string;
-type Identity = {
-    userId: string;
-    details?: Record<string, unknown>;
-};
-export type UserInfoResponse = {
-    sub: string;
-    name?: Nullable<string>;
-    username?: Nullable<string>;
-    picture?: Nullable<string>;
-    email?: Nullable<string>;
-    email_verified?: boolean;
-    phone_number?: Nullable<string>;
-    phone_number_verified?: boolean;
-    custom_data?: unknown;
-    identities?: Record<string, Identity>;
-};
-export const fetchUserInfo: (userInfoEndpoint: string, accessToken: string, requester: Requester) => Promise<UserInfoResponse>;
-
-//# sourceMappingURL=index.d.ts.map

package/lib/module.mjs

@@ -1,397 +0,0 @@
-import $lyZgO$camelcasekeys from "camelcase-keys";
-import {conditional as $lyZgO$conditional, urlSafeBase64 as $lyZgO$urlSafeBase64} from "@silverhand/essentials";
-import $lyZgO$lodashget from "lodash.get";
-import {jwtVerify as $lyZgO$jwtVerify} from "jose";
-
-function $parcel$exportWildcard(dest, source) {
-  Object.keys(source).forEach(function(key) {
-    if (key === 'default' || key === '__esModule' || dest.hasOwnProperty(key)) {
-      return;
-    }
-
-    Object.defineProperty(dest, key, {
-      enumerable: true,
-      get: function get() {
-        return source[key];
-      }
-    });
-  });
-
-  return dest;
-}
-function $parcel$export(e, n, v, s) {
-  Object.defineProperty(e, n, {get: v, set: s, enumerable: true, configurable: true});
-}
-/* istanbul ignore file */ var $1eda3e9ea5865065$exports = {};
-var $ce6f2a62716522ae$exports = {};
-
-$parcel$export($ce6f2a62716522ae$exports, "fetchTokenByAuthorizationCode", () => $ce6f2a62716522ae$export$684f740cd70532d4);
-$parcel$export($ce6f2a62716522ae$exports, "fetchTokenByRefreshToken", () => $ce6f2a62716522ae$export$9909137b467efb8b);
-
-var $5422b71ae76f21f1$exports = {};
-
-$parcel$export($5422b71ae76f21f1$exports, "ContentType", () => $5422b71ae76f21f1$export$e2e108cbe2e4f865);
-$parcel$export($5422b71ae76f21f1$exports, "TokenGrantType", () => $5422b71ae76f21f1$export$3f2aafdd1ccae76c);
-$parcel$export($5422b71ae76f21f1$exports, "QueryKey", () => $5422b71ae76f21f1$export$65f63a8bc3cba53d);
-$parcel$export($5422b71ae76f21f1$exports, "Prompt", () => $5422b71ae76f21f1$export$83716a4aa1642908);
-$parcel$export($5422b71ae76f21f1$exports, "ReservedScope", () => $5422b71ae76f21f1$export$1d2e82cebfd4b08);
-$parcel$export($5422b71ae76f21f1$exports, "UserScope", () => $5422b71ae76f21f1$export$4b02c5b431f6eb78);
-const $5422b71ae76f21f1$export$e2e108cbe2e4f865 = {
-    formUrlEncoded: {
-        "Content-Type": "application/x-www-form-urlencoded"
-    }
-};
-let $5422b71ae76f21f1$export$3f2aafdd1ccae76c;
-(function(TokenGrantType) {
-    TokenGrantType["AuthorizationCode"] = "authorization_code";
-    TokenGrantType["RefreshToken"] = "refresh_token";
-})($5422b71ae76f21f1$export$3f2aafdd1ccae76c || ($5422b71ae76f21f1$export$3f2aafdd1ccae76c = {}));
-let $5422b71ae76f21f1$export$65f63a8bc3cba53d;
-(function(QueryKey) {
-    QueryKey["ClientId"] = "client_id";
-    QueryKey["Code"] = "code";
-    QueryKey["CodeChallenge"] = "code_challenge";
-    QueryKey["CodeChallengeMethod"] = "code_challenge_method";
-    QueryKey["CodeVerifier"] = "code_verifier";
-    QueryKey["Error"] = "error";
-    QueryKey["ErrorDescription"] = "error_description";
-    QueryKey["GrantType"] = "grant_type";
-    QueryKey["IdToken"] = "id_token";
-    QueryKey["IdTokenHint"] = "id_token_hint";
-    QueryKey["PostLogoutRedirectUri"] = "post_logout_redirect_uri";
-    QueryKey["Prompt"] = "prompt";
-    QueryKey["RedirectUri"] = "redirect_uri";
-    QueryKey["RefreshToken"] = "refresh_token";
-    QueryKey["Resource"] = "resource";
-    QueryKey["ResponseType"] = "response_type";
-    QueryKey["Scope"] = "scope";
-    QueryKey["State"] = "state";
-    QueryKey["Token"] = "token";
-})($5422b71ae76f21f1$export$65f63a8bc3cba53d || ($5422b71ae76f21f1$export$65f63a8bc3cba53d = {}));
-let $5422b71ae76f21f1$export$83716a4aa1642908;
-(function(Prompt) {
-    Prompt["Consent"] = "consent";
-    Prompt["Login"] = "login";
-})($5422b71ae76f21f1$export$83716a4aa1642908 || ($5422b71ae76f21f1$export$83716a4aa1642908 = {}));
-let $5422b71ae76f21f1$export$1d2e82cebfd4b08;
-(function(ReservedScope) {
-    ReservedScope["OpenId"] = "openid";
-    ReservedScope["OfflineAccess"] = "offline_access";
-})($5422b71ae76f21f1$export$1d2e82cebfd4b08 || ($5422b71ae76f21f1$export$1d2e82cebfd4b08 = {}));
-let $5422b71ae76f21f1$export$4b02c5b431f6eb78;
-(function(UserScope) {
-    UserScope[/**
-   * Scope for basic user info.
-   *
-   * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-   */ "Profile"] = "profile";
-    UserScope[/**
-   * Scope for user email address.
-   *
-   * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-   */ "Email"] = "email";
-    UserScope[/**
-   * Scope for user phone number.
-   *
-   * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-   */ "Phone"] = "phone";
-    UserScope[/**
-   * Scope for user's custom data.
-   *
-   * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-   */ "CustomData"] = "custom_data";
-    UserScope[/**
-   * Scope for user's social identity details.
-   *
-   * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-   */ "Identities"] = "identities";
-})($5422b71ae76f21f1$export$4b02c5b431f6eb78 || ($5422b71ae76f21f1$export$4b02c5b431f6eb78 = {}));
-
-
-const $ce6f2a62716522ae$export$684f740cd70532d4 = async ({ clientId: clientId , tokenEndpoint: tokenEndpoint , redirectUri: redirectUri , codeVerifier: codeVerifier , code: code , resource: resource  }, requester)=>{
-    const parameters = new URLSearchParams();
-    parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).ClientId, clientId);
-    parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Code, code);
-    parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).CodeVerifier, codeVerifier);
-    parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).RedirectUri, redirectUri);
-    parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).GrantType, (0, $5422b71ae76f21f1$export$3f2aafdd1ccae76c).AuthorizationCode);
-    if (resource) parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Resource, resource);
-    const snakeCaseCodeTokenResponse = await requester(tokenEndpoint, {
-        method: "POST",
-        headers: (0, $5422b71ae76f21f1$export$e2e108cbe2e4f865).formUrlEncoded,
-        body: parameters
-    });
-    return (0, $lyZgO$camelcasekeys)(snakeCaseCodeTokenResponse);
-};
-const $ce6f2a62716522ae$export$9909137b467efb8b = async ({ clientId: clientId , tokenEndpoint: tokenEndpoint , refreshToken: refreshToken , resource: resource , scopes: scopes  }, requester)=>{
-    const parameters = new URLSearchParams();
-    parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).ClientId, clientId);
-    parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).RefreshToken, refreshToken);
-    parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).GrantType, (0, $5422b71ae76f21f1$export$3f2aafdd1ccae76c).RefreshToken);
-    if (resource) parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Resource, resource);
-    if (scopes?.length) parameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Scope, scopes.join(" "));
-    const snakeCaseRefreshTokenTokenResponse = await requester(tokenEndpoint, {
-        method: "POST",
-        headers: (0, $5422b71ae76f21f1$export$e2e108cbe2e4f865).formUrlEncoded,
-        body: parameters
-    });
-    return (0, $lyZgO$camelcasekeys)(snakeCaseRefreshTokenTokenResponse);
-};
-
-
-var $eefdbfea5ec3abd9$exports = {};
-
-$parcel$export($eefdbfea5ec3abd9$exports, "discoveryPath", () => $eefdbfea5ec3abd9$export$815bda5ead26b243);
-$parcel$export($eefdbfea5ec3abd9$exports, "fetchOidcConfig", () => $eefdbfea5ec3abd9$export$98242d8e822ad11f);
-
-const $eefdbfea5ec3abd9$export$815bda5ead26b243 = "/oidc/.well-known/openid-configuration";
-const $eefdbfea5ec3abd9$export$98242d8e822ad11f = async (endpoint, requester)=>(0, $lyZgO$camelcasekeys)(await requester(endpoint));
-
-
-var $7397ba7739ada584$exports = {};
-
-$parcel$export($7397ba7739ada584$exports, "revoke", () => $7397ba7739ada584$export$573f8dbbf6fbef75);
-
-const $7397ba7739ada584$export$573f8dbbf6fbef75 = async (revocationEndpoint, clientId, token, requester)=>requester(revocationEndpoint, {
-        method: "POST",
-        headers: (0, $5422b71ae76f21f1$export$e2e108cbe2e4f865).formUrlEncoded,
-        body: new URLSearchParams({
-            [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).ClientId]: clientId,
-            [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Token]: token
-        })
-    });
-
-
-var $bfba480b8ff41607$exports = {};
-
-$parcel$export($bfba480b8ff41607$exports, "generateSignInUri", () => $bfba480b8ff41607$export$b01a187f12b774c6);
-
-var $40555044b252dc61$exports = {};
-var $2cac19d9fad63bff$exports = {};
-
-$parcel$export($2cac19d9fad63bff$exports, "parseUriParameters", () => $2cac19d9fad63bff$export$4851e69315d5b72c);
-$parcel$export($2cac19d9fad63bff$exports, "verifyAndParseCodeFromCallbackUri", () => $2cac19d9fad63bff$export$dc3fae3c99763885);
-
-
-var $ab66c74b65acc6a3$exports = {};
-
-$parcel$export($ab66c74b65acc6a3$exports, "LogtoError", () => $ab66c74b65acc6a3$export$ba60d77e6748b659);
-$parcel$export($ab66c74b65acc6a3$exports, "isLogtoRequestError", () => $ab66c74b65acc6a3$export$27f79c8238476d38);
-$parcel$export($ab66c74b65acc6a3$exports, "LogtoRequestError", () => $ab66c74b65acc6a3$export$e6e15b8ba42b9b70);
-$parcel$export($ab66c74b65acc6a3$exports, "OidcError", () => $ab66c74b65acc6a3$export$d4832bcf9ce430e0);
-
-var $428623a300dc9baf$exports = {};
-
-$parcel$export($428623a300dc9baf$exports, "isArbitraryObject", () => $428623a300dc9baf$export$aa016a295c6092c8);
-const $428623a300dc9baf$export$aa016a295c6092c8 = (data)=>typeof data === "object" && data !== null;
-
-
-const $ab66c74b65acc6a3$var$logtoErrorCodes = Object.freeze({
-    id_token: {
-        invalid_iat: "Invalid issued at time in the ID token",
-        invalid_token: "Invalid ID token"
-    },
-    callback_uri_verification: {
-        redirect_uri_mismatched: "The callback URI mismatches the redirect URI.",
-        error_found: "Error found in the callback URI",
-        missing_state: "Missing state in the callback URI",
-        state_mismatched: "State mismatched in the callback URI",
-        missing_code: "Missing code in the callback URI"
-    },
-    crypto_subtle_unavailable: "Crypto.subtle is unavailable in insecure contexts (non-HTTPS).",
-    unexpected_response_error: "Unexpected response error from the server."
-});
-const $ab66c74b65acc6a3$var$getMessageByErrorCode = (errorCode)=>{
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
-    const message = (0, $lyZgO$lodashget)($ab66c74b65acc6a3$var$logtoErrorCodes, errorCode);
-    if (typeof message === "string") return message;
-    return errorCode;
-};
-class $ab66c74b65acc6a3$export$ba60d77e6748b659 extends Error {
-    constructor(code, data){
-        super($ab66c74b65acc6a3$var$getMessageByErrorCode(code));
-        this.code = code;
-        this.data = data;
-    }
-}
-const $ab66c74b65acc6a3$export$27f79c8238476d38 = (data)=>{
-    if (!(0, $428623a300dc9baf$export$aa016a295c6092c8)(data)) return false;
-    return typeof data.code === "string" && typeof data.message === "string";
-};
-class $ab66c74b65acc6a3$export$e6e15b8ba42b9b70 extends Error {
-    constructor(code, message){
-        super(message);
-        this.code = code;
-    }
-}
-class $ab66c74b65acc6a3$export$d4832bcf9ce430e0 {
-    constructor(error, errorDescription){
-        this.error = error;
-        this.errorDescription = errorDescription;
-    }
-}
-
-
-const $2cac19d9fad63bff$export$4851e69315d5b72c = (uri)=>{
-    const [, queryString = ""] = uri.split("?");
-    return new URLSearchParams(queryString);
-};
-const $2cac19d9fad63bff$export$dc3fae3c99763885 = (callbackUri, redirectUri, state)=>{
-    if (!callbackUri.startsWith(redirectUri)) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("callback_uri_verification.redirect_uri_mismatched");
-    const uriParameters = $2cac19d9fad63bff$export$4851e69315d5b72c(callbackUri);
-    const error = (0, $lyZgO$conditional)(uriParameters.get((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Error));
-    const errorDescription = (0, $lyZgO$conditional)(uriParameters.get((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).ErrorDescription));
-    if (error) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("callback_uri_verification.error_found", new (0, $ab66c74b65acc6a3$export$d4832bcf9ce430e0)(error, errorDescription));
-    const stateFromCallbackUri = uriParameters.get((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).State);
-    if (!stateFromCallbackUri) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("callback_uri_verification.missing_state");
-    if (stateFromCallbackUri !== state) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("callback_uri_verification.state_mismatched");
-    const code = uriParameters.get((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Code);
-    if (!code) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("callback_uri_verification.missing_code");
-    return code;
-};
-
-
-
-var $dfd50234d3585f12$exports = {};
-
-$parcel$export($dfd50234d3585f12$exports, "verifyIdToken", () => $dfd50234d3585f12$export$b5b3317c8aecbcd5);
-$parcel$export($dfd50234d3585f12$exports, "decodeIdToken", () => $dfd50234d3585f12$export$aac2d5b7f5cd16d5);
-
-
-
-
-const $dfd50234d3585f12$var$issuedAtTimeTolerance = 60;
-/* eslint-disable complexity */ /**
- * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)
- */ function $dfd50234d3585f12$var$assertIdTokenClaims(data) {
-    if (!(0, $428623a300dc9baf$export$aa016a295c6092c8)(data)) throw new TypeError("IdToken is expected to be an object");
-    for (const key of [
-        "iss",
-        "sub",
-        "aud"
-    ]){
-        if (typeof data[key] !== "string") throw new TypeError(`At path: IdToken.${key}: expected a string`);
-    }
-    for (const key of [
-        "exp",
-        "iat"
-    ]){
-        if (typeof data[key] !== "number") throw new TypeError(`At path: IdToken.${key}: expected a number`);
-    }
-    for (const key of [
-        "at_hash",
-        "name",
-        "username",
-        "picture",
-        "email",
-        "phone_number"
-    ]){
-        if (data[key] === undefined) continue;
-        if (typeof data[key] !== "string" && data[key] !== null) throw new TypeError(`At path: IdToken.${key}: expected null or a string`);
-    }
-    for (const key of [
-        "email_verified",
-        "phone_number_verified"
-    ]){
-        if (data[key] === undefined) continue;
-        if (typeof data[key] !== "boolean") throw new TypeError(`At path: IdToken.${key}: expected a boolean`);
-    }
-}
-const $dfd50234d3585f12$export$b5b3317c8aecbcd5 = async (idToken, clientId, issuer, jwks)=>{
-    const result = await (0, $lyZgO$jwtVerify)(idToken, jwks, {
-        audience: clientId,
-        issuer: issuer
-    });
-    if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > $dfd50234d3585f12$var$issuedAtTimeTolerance) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("id_token.invalid_iat");
-};
-const $dfd50234d3585f12$export$aac2d5b7f5cd16d5 = (token)=>{
-    const { 1: encodedPayload  } = token.split(".");
-    if (!encodedPayload) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("id_token.invalid_token");
-    const json = (0, $lyZgO$urlSafeBase64).decode(encodedPayload);
-    const idTokenClaims = JSON.parse(json);
-    $dfd50234d3585f12$var$assertIdTokenClaims(idTokenClaims);
-    return idTokenClaims;
-};
-
-
-var $570e2e6b31a027ff$exports = {};
-
-$parcel$export($570e2e6b31a027ff$exports, "withDefaultScopes", () => $570e2e6b31a027ff$export$3cf0748e30b766d7);
-
-const $570e2e6b31a027ff$export$3cf0748e30b766d7 = (originalScopes)=>{
-    const reservedScopes = Object.values((0, $5422b71ae76f21f1$export$1d2e82cebfd4b08));
-    const uniqueScopes = new Set([
-        ...reservedScopes,
-        (0, $5422b71ae76f21f1$export$4b02c5b431f6eb78).Profile,
-        ...originalScopes ?? []
-    ]);
-    return Array.from(uniqueScopes).join(" ");
-};
-
-
-
-$parcel$exportWildcard($40555044b252dc61$exports, $2cac19d9fad63bff$exports);
-$parcel$exportWildcard($40555044b252dc61$exports, $ab66c74b65acc6a3$exports);
-$parcel$exportWildcard($40555044b252dc61$exports, $dfd50234d3585f12$exports);
-$parcel$exportWildcard($40555044b252dc61$exports, $570e2e6b31a027ff$exports);
-$parcel$exportWildcard($40555044b252dc61$exports, $428623a300dc9baf$exports);
-
-
-const $bfba480b8ff41607$var$codeChallengeMethod = "S256";
-const $bfba480b8ff41607$var$responseType = "code";
-const $bfba480b8ff41607$export$b01a187f12b774c6 = ({ authorizationEndpoint: authorizationEndpoint , clientId: clientId , redirectUri: redirectUri , codeChallenge: codeChallenge , state: state , scopes: scopes , resources: resources , prompt: prompt  })=>{
-    const urlSearchParameters = new URLSearchParams({
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).ClientId]: clientId,
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).RedirectUri]: redirectUri,
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).CodeChallenge]: codeChallenge,
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).CodeChallengeMethod]: $bfba480b8ff41607$var$codeChallengeMethod,
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).State]: state,
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).ResponseType]: $bfba480b8ff41607$var$responseType,
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Prompt]: prompt ?? (0, $5422b71ae76f21f1$export$83716a4aa1642908).Consent,
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Scope]: (0, $570e2e6b31a027ff$export$3cf0748e30b766d7)(scopes)
-    });
-    for (const resource of resources ?? [])urlSearchParameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Resource, resource);
-    return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;
-};
-
-
-var $fcccd93c698efc4f$exports = {};
-
-$parcel$export($fcccd93c698efc4f$exports, "generateSignOutUri", () => $fcccd93c698efc4f$export$b3c9a2bd2330de28);
-
-const $fcccd93c698efc4f$export$b3c9a2bd2330de28 = ({ endSessionEndpoint: endSessionEndpoint , clientId: clientId , postLogoutRedirectUri: postLogoutRedirectUri  })=>{
-    const urlSearchParameters = new URLSearchParams({
-        [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).ClientId]: clientId
-    });
-    if (postLogoutRedirectUri) urlSearchParameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).PostLogoutRedirectUri, postLogoutRedirectUri);
-    return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;
-};
-
-
-var $4fde57d99d3b8df5$exports = {};
-
-$parcel$export($4fde57d99d3b8df5$exports, "fetchUserInfo", () => $4fde57d99d3b8df5$export$eee09f98e5b044aa);
-const $4fde57d99d3b8df5$export$eee09f98e5b044aa = async (userInfoEndpoint, accessToken, requester)=>requester(userInfoEndpoint, {
-        headers: {
-            Authorization: `Bearer ${accessToken}`
-        }
-    });
-
-
-$parcel$exportWildcard($1eda3e9ea5865065$exports, $ce6f2a62716522ae$exports);
-$parcel$exportWildcard($1eda3e9ea5865065$exports, $eefdbfea5ec3abd9$exports);
-$parcel$exportWildcard($1eda3e9ea5865065$exports, $7397ba7739ada584$exports);
-$parcel$exportWildcard($1eda3e9ea5865065$exports, $bfba480b8ff41607$exports);
-$parcel$exportWildcard($1eda3e9ea5865065$exports, $fcccd93c698efc4f$exports);
-$parcel$exportWildcard($1eda3e9ea5865065$exports, $4fde57d99d3b8df5$exports);
-
-
-
-
-var $be59ab5b66bc1c36$exports = {};
-
-
-
-
-export {$ce6f2a62716522ae$export$684f740cd70532d4 as fetchTokenByAuthorizationCode, $ce6f2a62716522ae$export$9909137b467efb8b as fetchTokenByRefreshToken, $eefdbfea5ec3abd9$export$815bda5ead26b243 as discoveryPath, $eefdbfea5ec3abd9$export$98242d8e822ad11f as fetchOidcConfig, $7397ba7739ada584$export$573f8dbbf6fbef75 as revoke, $bfba480b8ff41607$export$b01a187f12b774c6 as generateSignInUri, $fcccd93c698efc4f$export$b3c9a2bd2330de28 as generateSignOutUri, $4fde57d99d3b8df5$export$eee09f98e5b044aa as fetchUserInfo, $2cac19d9fad63bff$export$4851e69315d5b72c as parseUriParameters, $2cac19d9fad63bff$export$dc3fae3c99763885 as verifyAndParseCodeFromCallbackUri, $ab66c74b65acc6a3$export$ba60d77e6748b659 as LogtoError, $ab66c74b65acc6a3$export$27f79c8238476d38 as isLogtoRequestError, $ab66c74b65acc6a3$export$e6e15b8ba42b9b70 as LogtoRequestError, $ab66c74b65acc6a3$export$d4832bcf9ce430e0 as OidcError, $dfd50234d3585f12$export$b5b3317c8aecbcd5 as verifyIdToken, $dfd50234d3585f12$export$aac2d5b7f5cd16d5 as decodeIdToken, $570e2e6b31a027ff$export$3cf0748e30b766d7 as withDefaultScopes, $428623a300dc9baf$export$aa016a295c6092c8 as isArbitraryObject, $5422b71ae76f21f1$export$e2e108cbe2e4f865 as ContentType, $5422b71ae76f21f1$export$3f2aafdd1ccae76c as TokenGrantType, $5422b71ae76f21f1$export$65f63a8bc3cba53d as QueryKey, $5422b71ae76f21f1$export$83716a4aa1642908 as Prompt, $5422b71ae76f21f1$export$1d2e82cebfd4b08 as ReservedScope, $5422b71ae76f21f1$export$4b02c5b431f6eb78 as UserScope};
-//# sourceMappingURL=module.mjs.map